How severe is CVE-2024-40445?

CVE-2024-40445 has a CVSS v3 score of 7.3 (HIGH).

CVE-2024-40445

Name: mimetex
Author: ctan

7.3HIGH

A directory traversal vulnerability in forkosh Mime TeX before version 1.77 allows attackers on Windows systems to read or append arbitrary files by manipulating crafted input paths.

发布于: 4/22/2025更新于: 6/23/2025

描述

A directory traversal vulnerability in forkosh Mime TeX before version 1.77 allows attackers on Windows systems to read or append arbitrary files by manipulating crafted input paths.

AI分析AI驱动

受影响产品

ctanmimetex

参考资料

https://github.com/Oefenweb/mimetex/blob/master/mimetex.c#L12414-L12423
Product
https://github.com/TaiYou-TW/CVE-2024-40445_CVE-2024-40446/
MitigationThird Party Advisory
https://youtu.be/OII16TteaJw
Broken Link
https://youtu.be/W2KPHFNfgrg
Broken Link